[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] tools:misc:xenlockprof: fix possible format string overflow

On Tue, Apr 04, 2017 at 07:31:59PM +0200, Seraphime Kirkovski wrote:
> GCC7 complains about a possible overflow/truncation in xenlockprof.
> 
> xenlockprof.c: In function ‘main’:
> xenlockprof.c:100:53: error: ‘%s’ directive writing up to 39 bytes into a
>                          region of size between 17 and 37 
> [-Werror=format-overflow=]
>              sprintf(name, "unknown type(%d) %d lock %s", data[j].type,
>                                                      ^~
> xenlockprof.c:100:13: note: ‘sprintf’ output between 24 and 83 bytes
>                                              into a destination of size 60
>              sprintf(name, "unknown type(%d) %d lock %s", data[j].type,
>              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>                      data[j].idx, data[j].name);
>                      ~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> This increases the size of name to 100. Not the most scalable solution,
> but certainly the "cheapest", as it doesn't add dependencies for
> asprintf.
> 
> Signed-off-by: Seraphime Kirkovski <kirkseraph@xxxxxxxxx>

Acked-by: Wei Liu <wei.liu2@xxxxxxxxxx>

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.